> For the complete documentation index, see [llms.txt](https://docs.payments.thalescloud.io/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.payments.thalescloud.io/nfc-wallet-sdk-android/implement-nfc-wallet/tokenize-a-card/set-cdcvm-method/device-unlock-method-update-scenarios.md).

# Device unlock method update scenarios

## Overview

If the end user enables a secure lock screen and the issuer application sets **biometric** or **device credentials (keyguard)** as the CDCVM method, handle device unlock changes carefully.

Some changes invalidate the key material stored in Android Keystore. NFC Wallet SDK detects this only when it accesses the keystore. During payment, the issuer application may then fail to retrieve cards and receive a `CARD_NOT_EXISTING` exception.

The following scenarios summarize the expected behavior.

## Scenarios

<table data-full-width="true"><thead><tr><th>Scenario</th><th>OS</th><th>SDK</th><th>Digital wallet application</th></tr></thead><tbody><tr><td>End user disables the secure lock screen</td><td>Invalidates the key material in Android Keystore. Android does not notify the digital wallet application when this happens.</td><td>Detects the invalid key material only when it accesses the keystore.</td><td>During payment, does not find any cards and receives a <code>CARD_NOT_EXISTING</code> exception.</td></tr><tr><td>End user changes the secure lock screen type, for example from fingerprint to passcode, or from passcode to PIN</td><td>No action.</td><td>No action.</td><td>Optionally detect this change at startup or in a background check, based on your issuer application logic.</td></tr><tr><td>End user disables the secure lock screen, then enables it again</td><td>Invalidates the key material as soon as the secure lock screen is disabled.</td><td>Detects the invalid key material only when it accesses the keystore.</td><td>During payment, does not find any cards and receives a <code>CARD_NOT_EXISTING</code> exception.</td></tr><tr><td>End user adds a new fingerprint</td><td>No action.</td><td>No action.</td><td>No action.</td></tr><tr><td>End user removes all fingerprints</td><td>Invalidates the key material in Android Keystore if the digital wallet application uses <strong>biometric</strong> as the CDCVM method.</td><td>If <strong>biometric</strong> is used as the CDCVM method, detects the invalid key material only when it accesses the keystore.</td><td>If <strong>biometric</strong> is used as the CDCVM method, during payment does not find any cards and receives a <code>CARD_NOT_EXISTING</code> exception.</td></tr></tbody></table>


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://docs.payments.thalescloud.io/nfc-wallet-sdk-android/implement-nfc-wallet/tokenize-a-card/set-cdcvm-method/device-unlock-method-update-scenarios.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.